Commit Graph

1067 Commits

Author SHA1 Message Date
c3f351d21f sshd_config: add commented AcceptEnv
and reason why it's commented, security, ShellShock worked with remotely
sent environent variables even with restricted accounts.
2015-09-06 07:33:32 +03:00
90c86466dd ssh_config: also sendenv LANGUAGE 2015-09-06 07:30:41 +03:00
6fc4b6a29b ssh_config: add missing dot 2015-09-05 23:50:31 +03:00
28c2f0b8d8 ssh_config: SendEnv LANG LC_* 2015-09-05 23:46:00 +03:00
ed0d6d663a don't use LC_ALL
According to ArchWiki, LANG sets LC_* which aren't explicitly set and
LC_ALL is meant for testing/troubleshooting only.
2015-09-05 23:39:16 +03:00
c50516ced3 etc/xdg/autostart: add redshift-gtk 2015-09-05 22:57:45 +03:00
c2b93abe27 relevant systemd services: after network-online 2015-09-05 09:07:41 +03:00
110fa37539 remove FINEID keys
1. I don't appear to even use the card.
2. They are RSA which is just expiring.
2015-09-02 18:21:59 +03:00
b12c2df5d2 ssh config: remove IdentityFile
It's more bother than it's worth in my use.
2015-09-02 18:15:53 +03:00
e37780bb2c add my ed25519 key 2015-09-02 18:04:04 +03:00
2687615bf0 chmod: touch ~/.ssh/authorized_keys before chmo...
dding it.
2015-09-02 16:38:59 +03:00
bd3ee60e61 ssh_config: fix paste fail 2015-09-02 08:33:02 +03:00
66f604a6dd ssh_config: add UpdateHostKeys yes 2015-09-02 08:15:16 +03:00
c05b52354f sshd_config: restore Client*
I am sure I committed them already, but they have disappeared somewhere.
Maybe I accidentally overwrote them.
2015-09-01 17:37:33 +03:00
888686ef48 etc/ssh/copy: add verbosity 2015-09-01 17:32:56 +03:00
c2c0c4fa08 etc/ssh: add copy script 2015-09-01 17:31:42 +03:00
25bf96e30a ssh_config: my ssh key is not system-wide 2015-09-01 17:16:37 +03:00
898b1dbfaf update ssh config 2015-09-01 17:14:06 +03:00
96dfc06668 ssh_config: remove unrelated comments 2015-09-01 17:06:33 +03:00
defa0b9df1 etc/ssh: add ssh_config 2015-09-01 16:48:27 +03:00
4cdf8dfe71 sshd_config: add ClientAliveCountMax ClientAliveInterval 2015-09-01 16:40:56 +03:00
2b266ac7e2 ssh config: add ServerAliveCountMax 2015-09-01 15:54:05 +03:00
359a4becb8 rc: remove OS X specific ssh-add
OS X OpenSSH doesn't work with VerifyHostKeyDNS=yes, so it OpenSSH must
be installed from Homebrew or MacPorts which (at least Homebrew) don't
support the flag to add the key to keychain.
2015-08-31 09:25:11 +03:00
702d426345 sort ssh config 2015-08-30 17:17:12 +03:00
a87af2c43c ssh config: add HashKnownHosts 2015-08-30 17:11:04 +03:00
898b30cccc update ssh config 2015-08-30 17:08:29 +03:00
73e9e99d9c sshd_config: cleaning up 2015-08-30 16:54:21 +03:00
7b8bf1710d conf/inxi.conf: use ♥ as inxi/inxi.conf 2015-08-28 20:02:43 +03:00
3c0bcab8d8 install: remove xsessionrc 2015-08-28 19:18:19 +03:00
db56a120ce rc: xsessionrc & migrate reasonable lines to profile 2015-08-28 19:17:08 +03:00
c922d0aa37 etc/ssh/sshd_config: fix banner 2015-08-28 19:25:26 +03:00
96538ae35c ssh config: add UpdateHostKeys=ask 2015-08-28 19:22:54 +03:00
7e4bbfba5a sshd_config: also remove ecdsa keys 2015-08-28 14:29:34 +03:00
04df2e532b update sshd_config from Arch
OpenSSH 7.1p1-1

Note the sftp subsystem which differs between at least Debian and Arch.
2015-08-28 14:00:25 +03:00
f69a361ed1 sshd_config: deprecate dsa 2015-08-28 13:54:36 +03:00
090f4154d6 rc: add $HOME/.linuxbrew/<bin|sbin|games> to $PATH
To symlink it to sdcard on Sailfish
2015-08-28 08:03:44 +03:00
ae6651cd47 systemd: add reflector.service 2015-08-25 14:13:44 +03:00
3d5360c706 ssh config: add verdarik & tezagm 2015-08-23 06:54:26 +03:00
b34a567af7 rc: alias winkey
The xxd method, because it's easier to alias. Closes #81
2015-08-22 15:13:22 +03:00
7ff510b42b add etc/install
Closes #74
2015-08-22 15:10:01 +03:00
bec7aced22 etc/systemd/system: README updates 2015-08-21 19:27:40 +03:00
76633ba61d add etc/unbound/dnscrypt-proxy.conf 2015-08-21 19:16:12 +03:00
18931c320a add dnscrypt proxy services
Thanks @Fusl

Fixes #63
2015-08-21 19:09:39 +03:00
dc5531dfcd cleaning etc/systemd/system 2015-08-21 19:06:11 +03:00
8a281a9550 ssh config: use nemo with synvaler 2015-08-20 20:48:28 +03:00
c4dcb39b8c nginx: remove the neverused vhost 2015-08-20 20:47:18 +03:00
3a32185433 etc/nginx/sites-availble: add X-Frame-Options 2015-08-20 20:36:32 +03:00
b2eaca582a rc: fix serversslcertfp function
Thanks @mgeedmin from Mikaela/mikaela.github.io#69

Other functions must still be checked probably.

Closes #82
2015-08-20 18:56:33 +03:00
a06465d161 unbound: move forwards.conf under unbound.conf.d 2015-08-20 18:39:40 +03:00
2ab0601c8d systemd: remove dnscrypt-proxy & add miredo 2015-08-20 18:29:00 +03:00